Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

WEBIRC support #159

Closed
wants to merge 1 commit into from

7 participants

@Kaltiz

Added the ability to specify Hostname and IP of connecting user using the WEBIRC command

@Kaltiz Kaltiz Added WEBIRC Support
Added the ability to specify Hostname and IP of connecting user using the WEBIRC command
d72c660
@Kaltiz Kaltiz referenced this pull request in Fauntleroy/relay.js
Open

CGI:IRC host spoofing #98

@qsheets

One question: why does this need to be in the library rather than the client implementing said library?

I see no advantage to having this in the library. What you did in 18 lines could just as easily be done in 1 or 2 in the client.

@damianb

@qsheets at what point during the connection process, after the socket is opened but before the USER or NICK commands are sent, is it possible to do it in the client

hooking using the connect event isn't guaranteed due to node's async nature and events being FIFO either for the record.

@Trinitas

I made a web irc client and server based on "cjstewart88 Nirc" but all the users gets my local ip in irc so i can't ban them, so this pull would be great!

@Trinitas Trinitas referenced this pull request in cjstewart88/nirc
Closed

Get the users hostname #43

@qsheets
@Trinitas

qsheets: But if the nick is taken would it choose the HEX username instead?

Anyway, here's a guide for those who have their own irc server: http://wiki.mibbit.com/index.php/Enable_Mibbit_on_Your_IRC_Server

example UnrealIRCd

cgiirc {
type webirc;
hostname serveriphere;
password passwordhere;
};

@damianb

You can always set the user's USERNAME to their IP written in Hex.

Or, the client can implement the WEBIRC command to identify the source of the request. The command was created specifically to handle the edge case of whitelisted proxying in of users, so that their "true" host can still be provided in the first place and bans do not have to be adjusted across various pass-through proxies. If the service only allows trusted proxies and they all use the WEBIRC command, then only one single ban-mask needs to be set to cover proxies and direct connection.

What is your justification for not implementing the WEBIRC command, @qsheets? It's rapidly becoming a standard feature, RFC or not, and it cannot be "plugged in" because of IRC's synchronous nature - the WEBIRC directive on some server implementations may be required to be sent at one specific point, which is impossible to ensure with event using an asynchronous dispatch. Having node-irc implement it itself doesn't do anyone any real harm, now does it?

@qsheets

@Trinitas A user's nick and username have no direct correlation. They can be the exact same thing if one wanted to set them up that way -- something that wouldn't happen if the user was an alternate. The closest they come is in the user string nick!user@host.

@damianb In either setup the user's true host is used. The only difference is whether it's presented in the host or the user value. So, is it necessary to implement WebIRC, or is it just a neat little feature? I'm fairly certain it's the latter. Mibbit, for example, uses both methods depending on the server/network to which it's connecting, proving my point.

@damianb

In either setup the user's true host is used. The only difference is whether it's presented in the host or the user value.

Not entirely. Another difference is that - using mibbit's old method, you force channel operators to have to create two banmasks, not just one.

Mibbit, for example, uses both methods depending on the server/network to which it's connecting, proving my point.

Uh. That...actually proves absolutely nothing. I know of several networks which ban open relays - with a whitelist of specific services, soon to be accessed only with the WEBIRC directive on connection.

You can deny that it's a functionality worth implementing all you want - but it's on track to become a real-world standard feature in the big ircds whether you like it or not, and not implementing out of stubbornness is just shortsighted.

@Trinitas

i tested this out on my unrealircd server (webirc-block and rehashed irc config file) but i don't even get any error so i tested

"console.log("Webirc command sent');" and nothing. Line 604
It works but only with SSL enable. maybe update it for no SSL?

@ButtaKnife

Omitting the WEBIRC support means that this library can't feasibly be used for new multi-user IRC clients, such as webchat pages. This library is used by a project which needs WEBIRC support to overcome problems with users getting banned and impacting everyone else using the service. Please reconsider your stance with this request, as it really has no negatives and can only help anyone trying to use the library for multi-user environments.

@martynsmith
Owner

Okay, I'd never even heard of WEBIRC support until I read this, but it sounds pretty reasonable.

The only gripe I have at this point is the naming of the options (namely the unprefixed ip/hostname).

I think ultimately what I'd like to see is perhaps a single webirc option that takes an object of settings. If someone wants to modify this pull request (or make a new one) fixing that, and providing relevant documentation too, then I'd be happy to merge it :-)

@Trinitas

i should done like this:

self.opt block containing "webirc: {}" somewhere

And this must be sent before password is sent:
if (typeof self.opt.webirc.ip !== 'undefined') {
self.send("WEBIRC","self.opt.webirc.pass",self.opt.userName,self.opt.webirc.host,self.opt.webirc.ip);
}

and btw SSL is kinda useless for webirc if the node server is not on the irc server or if not using "WebSocket secure"

"WebIrcPassWord" is case sensetive (and should not be acessible by the client!?). its connects to the irc CGI block
http://wiki.mibbit.com/index.php/Enable_Mibbit_on_Your_IRC_Server < some information about that here

and the object "webirc {}" should look like this inside:
webirc = {"pass":"WebIrcPassWord","host":"my.host.com", "ip":"123.123.123.123"};

I tested it and it works perfectly. (: If the hostname is missing then it uses the ip address instead

@expr expr added the request label
@expr expr closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Mar 27, 2013
  1. @Kaltiz

    Added WEBIRC Support

    Kaltiz authored
    Added the ability to specify Hostname and IP of connecting user using the WEBIRC command
This page is out of date. Refresh to see the latest.
Showing with 18 additions and 2 deletions.
  1. +18 −2 lib/irc.js
View
20 lib/irc.js
@@ -50,7 +50,11 @@ function Client(server, nick, opt) {
floodProtectionDelay: 1000,
stripColors: false,
channelPrefixes: "&#",
- messageSplit: 512
+ messageSplit: 512,
+ webirc_mode: 'none',
+ webirc_password: '',
+ ip: '',
+ hostname: ''
};
// Features supported by the server
@@ -595,7 +599,19 @@ Client.prototype.connect = function ( retryCount, callback ) { // {{{
self.conn.authorizationError === 'CERT_HAS_EXPIRED' ) {
util.log('Connecting to server with expired certificate');
}
- if ( self.opt.password !== null ) {
+ if ( self.opt.webirc_mode == "webirc" ) {
+ self.send("WEBIRC",self.opt.webirc_password,"node-irc",self.opt.hostname,self.opt.ip);
+ }
+ else if ( self.opt.webirc_mode == "realName" ) {
+ if ( self.opt.ip != self.opt.hostname ){
+ self.opt.realName = self.opt.ip + ' ' + self.opt.hostname;
+ }
+ else {
+ self.opt.realName = self.opt.ip;
+ }
+ self.opt.realName = self.opt.ip;
+ }
+ if ( self.opt.password !== null ) {
self.send( "PASS", self.opt.password );
}
util.log('Sending irc NICK/USER');
Something went wrong with that request. Please try again.